/**
 * Project Name:kany-utils
 * File Name:TokenUtil.java
 * Package Name:me.kany.utils.token
 * Date:2016年9月21日下午4:01:07
 * Copyright (c) 2016, Jason.Wang All Rights Reserved.
 */
package me.kany.utils.token;

import java.security.Key;
import java.util.Arrays;
import java.util.Date;

import org.apache.commons.lang3.StringUtils;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

/**
 * ClassName:TokenUtil<br/>
 * Function: Token生成类<br/>
 * Date:2016年9月21日下午4:01:07<br/>
 * 
 * @author Jason.Wang
 * @version 1.0
 * @since JDK1.7
 * @see
 */
public class TokenUtil {
	
	/**
	 * 
	 * getJWTString: 获取生成的Token字符串. <br/>
	 *
	 * @author Jason.Wang
	 * @version 1.0
	 * @param username
	 * @param roles
	 * @param version
	 * @param expires
	 * @param key
	 * @return
	 * @since JDK1.7
	 *
	 */
	public static String getJWTString(String username, String[] roles, int version, Date expires, Key key) {
		if (username == null) {
            throw new NullPointerException("null username is illegal");
        }
        if (roles == null) {
            throw new NullPointerException("null roles are illegal");
        }
        if (expires == null) {
            throw new NullPointerException("null expires is illegal");
        }
        if (key == null) {
            throw new NullPointerException("null key is illegal");
        }

        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;

        String jwtString = Jwts
                .builder()
                .setIssuer("Jersey-Security-Basic")
                .setSubject(username)
                .setAudience(StringUtils.join(Arrays.asList(roles), ","))
                .setExpiration(expires)
                .setIssuedAt(new Date())
                .setId(String.valueOf(version))
                .signWith(signatureAlgorithm, key)
                .compact();
        return jwtString;
	}

	/**
	 * 
	 * isValid: 验证是否为有效的Token. <br/>
	 *
	 * @author Jason.Wang
	 * @version 1.0
	 * @param token
	 * @param key
	 * @return
	 * @since JDK1.7
	 *
	 */
	public static boolean isValid(String token, Key key) {
		try {
			Jwts.parser().setSigningKey(key).parseClaimsJws(token.trim());
			return true;
		} catch (Exception e) {
			e.printStackTrace();
			return false;
		}
	}

	/**
	 * 
	 * getName: 通过当前的Token和Key的值获取当前的用户的名称. <br/>
	 *
	 * @author Jason.Wang
	 * @version 1.0
	 * @param jwsToken
	 * @param key
	 * @return
	 * @since JDK1.7
	 *
	 */
	public static String getName(String jwsToken, Key key) {
		if (isValid(jwsToken, key)) {
			Jws<Claims> claimsJws = Jwts.parser().setSigningKey(key).parseClaimsJws(jwsToken);
			return claimsJws.getBody().getSubject();
		}
		return null;
	}

	/**
	 * 
	 * getRoles: 获取当前用户拥有的角色信息. <br/>
	 *
	 * @author Jason.Wang
	 * @version 1.0
	 * @param jwsToken
	 * @param key
	 * @return
	 * @since JDK1.7
	 *
	 */
	public static String[] getRoles(String jwsToken, Key key) {
		if (isValid(jwsToken, key)) {
			Jws<Claims> claimsJws = Jwts.parser().setSigningKey(key).parseClaimsJws(jwsToken);
			return claimsJws.getBody().getAudience().split(",");
		}
		return new String[] {};
	}

	/**
	 * 
	 * getVersion: 获取当前审定的version信息. <br/>
	 *
	 * @author Jason.Wang
	 * @version 1.0
	 * @param jwsToken
	 * @param key
	 * @return
	 * @since JDK1.7
	 *
	 */
	public static int getVersion(String jwsToken, Key key) {
		if (isValid(jwsToken, key)) {
			Jws<Claims> claimsJws = Jwts.parser().setSigningKey(key).parseClaimsJws(jwsToken);
			return Integer.parseInt(claimsJws.getBody().getId());
		}
		return -1;
	}
}
